[
https://issues.apache.org/jira/browse/CLOUDSTACK-8463?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14564831#comment-14564831
]
ASF subversion and git services commented on CLOUDSTACK-8463:
-------------------------------------------------------------
Commit 89a290f2b6cce80b19ae567e91d4052e43e33894 in cloudstack's branch
refs/heads/saml-production-grade from [[email protected]]
[ https://git-wip-us.apache.org/repos/asf?p=cloudstack.git;h=89a290f ]
CLOUDSTACK-8463: Use username attribute specified in global setting
Use username attribute defined by admin from a global setting
In case of encrypted assertion/attributes:
- Decrypt them
- Check signature if provided to check authenticity of message using IdP's
public key and SP's private key
- Loop through attributes to find the username
Signed-off-by: Rohit Yadav <[email protected]>
> SAML: Allow admin to specify attribute name returned by IdP
> -----------------------------------------------------------
>
> Key: CLOUDSTACK-8463
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-8463
> Project: CloudStack
> Issue Type: Sub-task
> Security Level: Public(Anyone can view this level - this is the
> default.)
> Components: SAML
> Reporter: Rohit Yadav
> Assignee: Rohit Yadav
> Fix For: Future, 4.6.0, 4.5.2
>
>
> Just like the LDAP plugin, SAML plugin should allow admins to specify
> attribute names to be used to map and get user's id/username, email,
> firstname, lastname, etc.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
